System Administration

For quite a while, I’ve been getting the “nf_conntrack: automatic helper assignment is deprecated and it will be removed soon” warning at boot. So I can’t say I was too surprised when I started getting “kernel: nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.”
Back in January/February 2017 there was a post on the Linux-Kernel mailing list submitting a patch to print out the warning so firewall admins would at least have notice.

#Handy One-Liners
This page is a collection of random one-liners I’ve used and wanted to keep track of.
list contents of all crontabs for user in $(cut -f1 -d: /etc/passwd); do crontab -u $user -l; done

I ran into a problem with NGINX failing to start on boot/reboot on my Debian 8 (Jessie) server. After reviewing what seemed like a hundred sites to try to find a fix, I stumbled across one solution that worked, but was incredibly inelegant. This was to add:
RestartSec=30s Restart=on-failure to nginx.service in the [Service] section using the override.conf. It worked but didn't fix the underlying problem.
A quick look using `journalctl -u nginx` showed that the service was failing because the IPv6 address hadn't been assigned to the network adaptor yet.

merge-ngx-conf.pl is a perl script used to assemble a set of nginx configuration files for one site. It has a number of options. See the bitbucket page or the help documentation in the script itself.
In its simplest form, it’s called by issuing this command:
merge-ngx-conf.pl /path/sites-available/filename
The output is an assembled nginx configuration file with all the includes inserted. Using nginx.conf and domain.conf (or just domain.conf depending on the options selected), the script iterates through the include directives in the files and inserts the text from the referenced file.